Vulnerabilities > Server-Side Request Forgery (SSRF)

DATE | CVE | VULNERABILITY TITLE | RISK

2023-02-20 | CVE-2022-48321 | Server-Side Request Forgery (SSRF) vulnerability in Checkmk 2.1.0 | 3.3
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.
local | low complexity | checkmk | CWE-918

2023-02-17 | CVE-2021-33926 | Server-Side Request Forgery (SSRF) vulnerability in Plone | 8.8
An issue in Plone CMS v.
network | low complexity | plone | CWE-918

2023-02-16 | CVE-2022-27234 | Server-Side Request Forgery (SSRF) vulnerability in Intel Computer Vision Annotation Tool | 6.5
Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.
network | low complexity | intel | CWE-918

2023-02-14 | CVE-2023-22936 | Server-Side Request Forgery (SSRF) vulnerability in Splunk and Splunk Cloud Platform | 6.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user.
network | low complexity | splunk | CWE-918

2023-02-13 | CVE-2023-25162 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Server | 5.3
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform.
network | low complexity | nextcloud | CWE-918

2023-02-01 | CVE-2022-37033 | Server-Side Request Forgery (SSRF) vulnerability in Dotcms | 6.5
In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets.
network | low complexity | dotcms | CWE-918

2023-02-01 | CVE-2022-47872 | Server-Side Request Forgery (SSRF) vulnerability in Maccms 10.0 | 8.8
A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.
network | low complexity | maccms | CWE-918

2023-01-30 | CVE-2023-24622 | Server-Side Request Forgery (SSRF) vulnerability in Includesecurity Safeurl-Python 1.0 | 5.3
isInList in the safeurl-python package before 1.2 for Python has an insufficiently restrictive regular expression for external domains, leading to SSRF.
network | low complexity | includesecurity | CWE-918

2023-01-30 | CVE-2023-24623 | Server-Side Request Forgery (SSRF) vulnerability in Paranoidhttp Project Paranoidhttp 0.1.0/0.2.0 | 7.5
Paranoidhttp before 0.3.0 allows SSRF because [::] is equivalent to the 127.0.0.1 address, but does not match the filter for private addresses.
network | low complexity | paranoidhttp-project | CWE-918

2023-01-27 | CVE-2022-4201 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab | 5.3
A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner.
network | low complexity | gitlab | CWE-918